Re: Privoxy stable release is 3.0.8

2008-04-02 Thread Matthew Dempsky 
On Wed, Apr 2, 2008 at 4:10 PM, Mike Erdely <[EMAIL PROTECTED]> wrote:
>  For what it's worth, that section of code was wrapped in:
>  #ifdef __MINGW32__
>  char *strdup...
>  #endif /* def __MINGW32__ */

Right, that's why I said:

>  > (Of course, OpenBSD provides strdup in libc, so
>  > this code isn't used, patched or not.)

I noticed the "result != NULL" check in the context before the strlcpy
change while quickly reviewing the diff, and thought it was
suspicious.  After investigating further to confirm that it's a bug
(were someone to try to use it on mingw32 after porting strlcpy...), I
thought I'd just point it out as an example of how carelessly
replacing strcpy with strlcpy can break ports.

Re: Privoxy stable release is 3.0.8

2008-04-02 Thread Will Maier 
On Wed, Apr 02, 2008 at 05:48:51PM -0400, Mike Erdely wrote:
> This updates privoxy to 3.0.8.  Some patches were removed because
> they're included upstream.  Works for me on i386 and builds &
> packages on alpha, sparc64 & macppc.  Discussed with old
> MAINTAINER (ckuethe), I'll take maintainership.

Looks good on i386.

-- 

o--{ Will Maier }--o
| web:...http://www.lfod.us/ | [EMAIL PROTECTED] |
*--[ BSD Unix: Live Free or Die ]--*

Re: Privoxy stable release is 3.0.8

2008-04-02 Thread Mike Erdely 
On Wed, Apr 02, 2008 at 03:54:52PM -0700, Matthew Dempsky wrote:
> On Wed, Apr 2, 2008 at 2:48 PM, Mike Erdely <[EMAIL PROTECTED]> wrote:
> >  -@@ -344,7 +344,7 @@ char *strdup( const char *s )
> >  -
> >  -if (result != NULL)
> >  -{
> >  --  strcpy( result, s );
> >  -+  strlcpy( result, s, sizeof(result) );
> >  -}
> >  -
> >  -return( result );
> 
> It seems worth pointing out that this patch is an example of
> carelessly replacing strcpy with strlcpy.  result here is a pointer,
> not a fixed size array, so sizeof(result) just returns 4 or 8 instead
> of the buffer size.  (Of course, OpenBSD provides strdup in libc, so
> this code isn't used, patched or not.)

For what it's worth, that section of code was wrapped in:
#ifdef __MINGW32__
char *strdup...
#endif /* def __MINGW32__ */

-ME

Re: Privoxy stable release is 3.0.8

2008-04-02 Thread Matthew Dempsky 
On Wed, Apr 2, 2008 at 2:48 PM, Mike Erdely <[EMAIL PROTECTED]> wrote:
>  -@@ -344,7 +344,7 @@ char *strdup( const char *s )
>  -
>  -if (result != NULL)
>  -{
>  --  strcpy( result, s );
>  -+  strlcpy( result, s, sizeof(result) );
>  -}
>  -
>  -return( result );

It seems worth pointing out that this patch is an example of
carelessly replacing strcpy with strlcpy.  result here is a pointer,
not a fixed size array, so sizeof(result) just returns 4 or 8 instead
of the buffer size.  (Of course, OpenBSD provides strdup in libc, so
this code isn't used, patched or not.)

Re: Privoxy stable release is 3.0.8

2008-04-02 Thread Mike Erdely 
On Sat, Mar 15, 2008 at 05:57:37PM +0100, you wrote:
> But ports still have 3.0.3. Any chances of getting this updated? There's
> atleast one security update in there...

This updates privoxy to 3.0.8.
Some patches were removed because they're included upstream.
Works for me on i386 and builds & packages on alpha, sparc64 & macppc.
Discussed with old MAINTAINER (ckuethe), I'll take maintainership.

ok?

-ME

Index: Makefile
===
RCS file: /cvs/ports/www/privoxy/Makefile,v
retrieving revision 1.12
diff -u -p -r1.12 Makefile
--- Makefile15 Sep 2007 20:38:25 -  1.12
+++ Makefile2 Apr 2008 21:10:03 -
@@ -2,13 +2,13 @@
 
 COMMENT=   web proxy with advanced filtering capabilities
 
-DISTNAME=  privoxy-3.0.3-2-stable
-PKGNAME=   ${DISTNAME:S/-2-stable//}p0
+DISTNAME=  privoxy-3.0.8-stable
+PKGNAME=   ${DISTNAME:S/-stable//}
 CATEGORIES=www
 
 HOMEPAGE=  http://www.privoxy.org/
 
-MAINTAINER=Chris Kuethe <[EMAIL PROTECTED]>
+MAINTAINER=Michael Erdely <[EMAIL PROTECTED]>
 
 # GPL
 PERMIT_PACKAGE_CDROM=  Yes
@@ -18,9 +18,7 @@ PERMIT_DISTFILES_FTP= Yes
 WANTLIB=   c pthread
 
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=ijbswa/}
-EXTRACT_SUFX=  .src.tar.gz
-
-WRKDIST=   ${WRKDIR}/${DISTNAME:S/-2//}
+EXTRACT_SUFX=  -src.tar.gz
 
 NO_REGRESS=Yes
 
Index: distinfo
===
RCS file: /cvs/ports/www/privoxy/distinfo,v
retrieving revision 1.5
diff -u -p -r1.5 distinfo
--- distinfo5 Apr 2007 17:26:25 -   1.5
+++ distinfo2 Apr 2008 19:25:29 -
@@ -1,5 +1,5 @@
-MD5 (privoxy-3.0.3-2-stable.src.tar.gz) = 1/bC/Lkm5hEGWd5uhmsh5A==
-RMD160 (privoxy-3.0.3-2-stable.src.tar.gz) = FFcCPTxzv74RLnJiZkepGlDQorc=
-SHA1 (privoxy-3.0.3-2-stable.src.tar.gz) = y0QWvzjMVSsmWM9O1AX7OgL96bs=
-SHA256 (privoxy-3.0.3-2-stable.src.tar.gz) = 
fkiP0Q6kGKY8i9z3F4WauH8kQFSBtxc6QUhSnbs9SOc=
-SIZE (privoxy-3.0.3-2-stable.src.tar.gz) = 1512489
+MD5 (privoxy-3.0.8-stable-src.tar.gz) = JSwOCFIY+5MMS8dWPpzt2Q==
+RMD160 (privoxy-3.0.8-stable-src.tar.gz) = YE3WGiLcdNBtStqks8h+TV2lFJs=
+SHA1 (privoxy-3.0.8-stable-src.tar.gz) = f+K3r95AZu8fFw9fEYUM+dpCikI=
+SHA256 (privoxy-3.0.8-stable-src.tar.gz) = 
7NUcsnhWkfTpDgfRR/XsiaFRsuV49xr7Jr3ZAZVHhJk=
+SIZE (privoxy-3.0.8-stable-src.tar.gz) = 2007961
Index: patches/patch-GNUmakefile_in
===
RCS file: /cvs/ports/www/privoxy/patches/patch-GNUmakefile_in,v
retrieving revision 1.3
diff -u -p -r1.3 patch-GNUmakefile_in
--- patches/patch-GNUmakefile_in23 May 2004 21:38:11 -  1.3
+++ patches/patch-GNUmakefile_in2 Apr 2008 19:41:34 -
@@ -1,15 +1,7 @@
 $OpenBSD: patch-GNUmakefile_in,v 1.3 2004/05/23 21:38:11 pvalchev Exp $
 GNUmakefile.in.orig2002-11-04 00:04:03.0 -0700
-+++ GNUmakefile.in 2004-05-23 15:31:25.0 -0600
-@@ -154,7 +154,6 @@ DOC_STATUS = @DOC_STATUS@
- #DOSFILTER  = gawk -v ORS='\r\n' '{print $0;}'
- DOSFILTER  = $(PERL) -p -e 's/\n/\r\n/'
- CVSROOT= :pserver:[EMAIL PROTECTED]:/cvsroot/ijbswa
--TMPDIR := $(shell mktemp -d /tmp/$(PROGRAM).XX)
- 
- #
- # Setup for make distribution rh and suse for now 
-@@ -226,7 +225,7 @@ PTHREAD_LIB  = @PTHREAD_ONLY@@PTHREAD_LI
+--- GNUmakefile.in.origWed Apr  2 15:27:11 2008
 GNUmakefile.in Wed Apr  2 15:27:48 2008
+@@ -226,7 +226,7 @@ PTHREAD_LIB  = @PTHREAD_ONLY@@PTHREAD_LIB@
  SRCS = $(C_SRC)  $(W32_SRC)  $(PCRS_SRC)  $(PCRE_SRC)  $(REGEX_SRC)
  OBJS = $(C_OBJS) $(W32_OBJS) $(PCRS_OBJS) $(PCRE_OBJS) $(REGEX_OBJS)
  HDRS = $(C_HDRS) $(W32_HDRS) $(PCRS_HDRS) $(PCRE_OBJS) $(REGEX_HDRS)
@@ -18,11 +10,3 @@ $OpenBSD: patch-GNUmakefile_in,v 1.3 200
  
  
  #
-@@ -333,6 +332,7 @@ dist-check:
- # This creates a tar.gz and spec-file for a Red Hat 6.x version.
- #
- create-snapshot:
-+  TMPDIR = $(shell mktemp -d /tmp/$(PROGRAM).XX)
-   @tag=`cvs -d $(CVSROOT) status Makefile | awk ' /Sticky Tag/ { print 
$$3 } '` 2> /dev/null; \
-   [ x"$$tag" = x"(none)" ] && tag=HEAD; \
-   echo "*** Creating package from $$tag!"; \
Index: patches/patch-actions_c
===
RCS file: patches/patch-actions_c
diff -N patches/patch-actions_c
--- patches/patch-actions_c 1 Apr 2003 20:52:59 -   1.2
+++ /dev/null   1 Jan 1970 00:00:00 -
@@ -1,21 +0,0 @@
-$OpenBSD: patch-actions_c,v 1.2 2003/04/01 20:52:59 sturm Exp $
 actions.c.orig Fri Feb 28 07:52:10 2003
-+++ actions.c  Sat Mar 29 18:17:02 2003
-@@ -1206,7 +1206,7 @@ static int load_one_actions_file(struct 
- init_action(cur_action);
- 
-

Privoxy stable release is 3.0.8

2008-03-15 Thread Andraž 'ruskie' Levstik 
But ports still have 3.0.3. Any chances of getting this updated? There's
atleast one security update in there...